cryptomining

The Acronis Security Team was one of the first to identify a new cryptomining campaign targeting the attrib.exe Windows process. Learn how our team detected the spike in cryptomining attacks, how the AutoIt cryptomining malware works, and how Acronis Active Protection – built into Acronis cyber protection solutions – helps to keep your systems protected.

Cryptojacking – or illicit cryptomining – continues to be a major headache for companies and home users, with research showing that cybercriminals made an impressive $52.7 million by mining digital coins on victims’ machines during the first half of 2019.

NioGuard Security Lab, a member of the Anti-Malware Testing Standards Organization (AMTSO), researched the matter and just posted a report that examines the level of protection against cryptojacking offered by leading endpoint security providers.

The results might shock some observers because Acronis, which now defends against illicit mining in its data protection solutions, outperformed the vast majority of leading endpoint security providers.

Cryptojacking attacks are not going away any time soon. Instead, they’re becoming more sophisticated – and more dangerous – by using advanced modular malware with worm capabilities as a delivery mechanism. A complex backdoor, called Plurox, was recently discovered by MalwareHunterTeam. It has a pluggable architecture and is able to spread itself over a local network, with the help of the EternalBlue exploit, and start cryptominers downloaded from the command and control (C&C) server.

With two newly released updates, Acronis takes its cyber protection capabilities for businesses to an exciting new level, allowing IT pros and business managers to focus on other priorities and rest even easier knowing their data is safe. The latest updates add integrated G Suite protection to Acronis’ existing backup and recovery services for more than 20 platforms, plus built-in protection against cryptojacking, one of the fastest-growing malware threats.

Let’s take a closer look at how Acronis strengthened its cyber protection capabilities for businesses that take advantage of Acronis’ cloud offerings, Acronis Backup Service and Acronis Backup Cloud.

In case you missed it, Microsoft issued a warning last Friday to alert users that they might experience issues with the upcoming May 2019 Update for Windows 10 (version 1903) – and the issues are difficult to avoid. The good news is that Microsoft’s proactive communication means you can take precautions to protect your data before you initiate the update.

Use these seven tips to manage any changes ahead, whether it’s a standard Win 10 update, if you’re one of the 35% of companies upgrading from Win 7, or you’re coping with any future system update.

In 1966, Robert F. Kennedy delivered a speech that cited an ancient Chinese curse: “May [you] live in interesting times.” He continued, “Like it or not, we live in interesting times. They are times of danger and uncertainty, but they are also the most creative of any time in the history of mankind.”

That measured perspective, simultaneously seeing the glass as half-empty and half-full, is a useful one to adopt when considering infrastructure vulnerabilities in 2019.

One month after the release of the Acronis True Image 2019 Cyber Protection update, we’ve already gotten some interesting findings and amazing results to share from our update to our Acronis Active Protection defensive technologies. One of the major features added as part of the Cyber Protection update was the ability to detect and stop potential cryptomining malware in Windows systems, safeguarding the machine’s resources, performance and potential hardware of Acronis True Image users.

While we did not expect to see a lot of detections during the initial rollout, the telemetry data collected so far – surprisingly – shows the opposite.

We’ve blogged about RanSim before: it’s a nice tool from KnowBe4, a security awareness training company that employs the famous former hacker, Kevin Mitnick. They help people learn about IT security and prepare for various security threats. RanSim originally served as a ransomware simulator – allowing users to see if their systems were protected against ransomware attacks without the risk of the real thing.

Recently, KnowBe4 updated RanSim so that it also emulates cryptojackers – the latest, fast-growing malware threat that targets computers and mobile devices to hijack system resources to secretly mine cryptocurrency – and Acronis' cyber protection technology performed extremely well.

One of the fastest-growing malware threats of the past 18 months affects half of the businesses in the world, and most of them don’t know it. It’s called cryptojacking, an unintended consequence of the booming popularity of cryptocurrencies like Bitcoin. Most victims don’t notice that they’ve been hit by cryptojacking because its adverse effects are relatively inconsequential: it just steals CPU cycles from your computer, as well as the electricity required to power it.

Getting hit by ransomware – a similarly pervasive and fast-growing but much more destructive malware threat – is like a roundhouse punch to the face: your files get locked up with encryption until you pay some distant criminal hundreds or thousands of dollars for the key. Compared to ransomware, cryptojacking seems more like a mosquito bite: an annoyance, not a grave threat.

But the harsh reality is that like disease-carrying insects, some cryptojackers bring lethal friends along with them.

There are few constants in the world. The sun will rise in the east. Rain will fall. Dropped toast will always land buttered-side down. And as quickly as technology advances, the threats to the data we rely on every day evolve as well.

While it is difficult to imagine every potential data loss event, since our founding 15 years ago, Acronis has gotten very good at anticipating and responding to threats so customers are always protected. Every solution Acronis offers is designed with the Five Vectors of Data Protection in mind – ensuring data is Safe, Accessible, Private, Authentic and Secure. We remember it by its acronym: SAPAS.